b585e7fb90
- update to 9.16.10: New Features: * NSEC3 support was added to KASP. A new option for dnssec-policy, nsec3param, can be used to set the desired NSEC3 parameters. NSEC3 salt collisions are automatically prevented during resalting. [GL #1620] * A new configuration option, stale-refresh-time, has been introduced. It allows a stale RRset to be served directly from cache for a period of time after a failed lookup, before a new attempt to refresh it is made. [GL #2066] Feature Changes: * The default value of max-recursion-queries was increased from 75 to 100. Since the queries sent towards root and TLD servers are now included in the count (as a result of the fix for CVE-2020-8616), max-recursion-queries has a higher chance of being exceeded by non-attack queries, which is the main reason for increasing its default value. [GL #2305] The default value of nocookie-udp-size was restored back to 4096 bytes. Since max-udp-size is the upper bound for nocookie-udp-size, this change relieves the operator from having to change nocookie-udp-size together with max-udp-size in order to increase the default EDNS buffer size limit. nocookie-udp-size can still be set to a value lower than max-udp-size, if desired. [GL #2250] Bug Fixes: Handling of missing DNS COOKIE responses over UDP was tightened by falling back to TCP. [GL #2275] The CNAME synthesized from a DNAME was incorrectly followed when the QTYPE was CNAME or ANY. [GL #2280] Building with native PKCS#11 support for AEP Keyper has been broken since BIND 9.16.6. This has been fixed. [GL #2315] named could crash with an assertion failure if a TCP connection were closed while a request was still being processed. [GL #2227] named acting as a resolver could incorrectly treat signed zones with no DS record at the parent as bogus. Such zones should be treated as insecure. This OBS-URL: https://build.opensuse.org/request/show/859291 OBS-URL: https://build.opensuse.org/package/show/network/bind?expand=0&rev=306
17 lines
833 B
Plaintext
17 lines
833 B
Plaintext
-----BEGIN PGP SIGNATURE-----
|
|
|
|
iQIzBAABCgAdFiEElc7aJWscoKFfMC+1lSGn7V2s6RgFAl/Xs+kACgkQlSGn7V2s
|
|
6RiWqhAAqJcELI++5TjipTsmV42navWlnHDD6ccpuhNDVGusX1+HA3n3n7ne8dNX
|
|
PrYtDU0ZiCr1yj6vBldtttD0MpRVfr3+UaLQesD1vVty+FffnzxaR0RhHiIe3X4U
|
|
220qypWsfSkf+lmSLuc1U1sSPkclhBMV43WDs06gJXGdU+qt+4pJfqdo1cnbZ7dG
|
|
0iWouSt/mkSGpX5XApC9foT0S8DUQumYv41eo40NCaoqd8DT8Yok8Xq2pdDDpzPg
|
|
3rCEuIixU8yVDvKLbEBrN2wxx60PFW77vMD1WAQjZTexbvNmFoWcmFVvSgkQRP1A
|
|
4nvQ8DAVSSOhoJlzXafDcpVOCyEJ68AHortryf+rVv48tVMkCgFzDa8SBjcrRP1r
|
|
uYcx0pJAQy2ZjTkjk6CJuInvPrYV7lq05X3PnXGsvVRvV3bJPqSqq5iHSYxY3BVh
|
|
tWNx8C7zpMdHoq7Si47v5/qLh92V8bVA9xWHAwtrs6xvojgwhl9iI0EkZRfjbzvW
|
|
HPqyEYbUBYppORuGoKgK5a8Jh8j/1slb8A7jrhaLXOrXrASbfvblAXTh7Uqk4lSe
|
|
OB33cqvn8x4eYYjrjdkss989RBT3m5GBmOrDaGsJT/BlvA3t/J2ViOQBf4DcuDdY
|
|
AsPf3kqMYorUaJo2hBFlqsJqHLcJn4+nlVvEVO9cmlZlX1vuYLU=
|
|
=cLza
|
|
-----END PGP SIGNATURE-----
|